If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Re: Sickness - Password Sniffing with SSLStrip.

great tutorial,, althou im wondering, what command in here, is it that gives no warning?
and how do you know what to grep for? and when to do it?

also with this i noticed you did not sign into yahoo mail, is it becouse account did not exist? im guessing that anyway :P
i kinda lol'd when i saw "w00t no warning" then "wrong account info" in other window ^^

Re: Sickness - Password Sniffing with SSLStrip.

Originally Posted by krillerill

great tutorial,, althou im wondering, what command in here, is it that gives no warning?
and how do you know what to grep for? and when to do it?

also with this i noticed you did not sign into yahoo mail, is it becouse account did not exist? im guessing that anyway :P
i kinda lol'd when i saw "w00t no warning" then "wrong account info" in other window ^^

Well it was not a valid yahoo account, but if it were valid it would have signed in. The questions about what to grep for have been answered by Eatme pretty much and the question about when to do it, really depends on when the victim logs in

Back|track giving machine guns to monkeys since 2007 !

Do not read theWiki, most your questions will not be answered there !Do not take a look at the: Forum Rules!

Re: Sickness - Password Sniffing with SSLStrip.

Hi,

I successfully ran sslstrip within my own network against my second laptop, and it worked perfectly. However, subsequent attempts against that laptop are not working. For one thing, when I check the MAC address on the victim machine (arp -a) I am not getting the same results as I did on the first attempt. Also, the log file I am keeping on the attacker machine is empty. Most importantly, when I went to gmail (on subsequent attempts) I got https instead of http.

I am wondering whether there are any specific commands I should have run after the first attempt to terminate/kill some of these processes, keeping in mind that after the first successful attempt I completely shut down the attacker machine and put the victim machine into sleep mode before attempting subsequent attempts (and I rebooted the wireless router).